[PATCH v2] drm/i915: clarify reasoning for the access_ok call

Kees Cook Mon, 11 Mar 2013 14:38:33 -0700

This clarifies the comment above the access_ok check so a missing
VERIFY_READ doesn't alarm anyone.


Signed-off-by: Kees Cook <keesc...@chromium.org>
Cc: Daniel Vetter <daniel.vet...@ffwll.ch>
---
v2:
 - rewrote comment, thanks to Chris Wilson
---
 drivers/gpu/drm/i915/i915_gem_execbuffer.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c 
b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
index bf7ceca..89c4039 100644
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
@@ -751,7 +751,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
 
                length = exec[i].relocation_count *
                        sizeof(struct drm_i915_gem_relocation_entry);
-               /* we may also need to update the presumed offsets */
+               /*
+                * We must check that the entire relocation array is safe
+                * to read, but since we may need to update the presumed
+                * offsets during execution, check for full write access.
+                */
                if (!access_ok(VERIFY_WRITE, ptr, length))
                        return -EFAULT;
 
-- 
1.7.9.5


-- 
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH v2] drm/i915: clarify reasoning for the access_ok call

Reply via email to